Windows PowerShell command on Get-command netgroup
MyWebUniversity

Manual Pages for UNIX Operating System command usage for man netgroup




File Formats                                          netgroup(4)





NAME

     netgroup - list of network groups



SYNOPSIS

     /etc/netgroup




DESCRIPTION

     A netgroup defines a network-wide group of hosts and  users.

     Use  a netgroup to restrict access to shared NFS filesystems

     and to restrict remote login and shell access.


     Network groups are stored in a network information services,
     such as LDAP or NIS, not in a local file.


     This manual page describes the format for  a  file  that  is
     used to supply input to a program such as ldapaddent(1M) for
     LDAP or makedbm(1M) for NIS. These programs build maps  used
     by their corresponding network information services.


     Each line of the file defines the name and membership  of  a
     network group. The line should have the format:

       groupname     member...




     The items on a line can be separated by a combination of one
     or more spaces or tabs.


     The groupname is the name of the group being  defined.  This
     is  followed  by a list of members of the group. Each member
     is either another group name, all of whose members are to be
     included  in  the  group  being  defined, or a triple of the
     form:

       (hostname,username,domainname)




     In each triple, any of the three fields hostname,  username,
     and  domainname,  can  be  empty. An empty field signifies a
     wildcard that matches any value in that field. Thus:

       everything (,,this.domain)





SunOS 5.11          Last change: 10 Dec 2009                    1








File Formats                                          netgroup(4)




     defines  a  group  named   "everything"   for   the   domain
     "this.domain" to which every host and user belongs.



     The domainname field refers to the domain in which the  tri-

     ple is valid, not the domain containing the host or user. In

     fact, applications using netgroup generally do not check the

     domainname. Therefore, using

       (,,domain)




     is equivalent to

       (,,)





     You can also use netgroups to control NFS mount access  (see

     share_nfs(1M))  and to control remote login and shell access

     (see hosts.equiv(4)). You can also use them to control local
     login  access  (see  passwd(4),  shadow(4),  and  compat  in
     nsswitch.conf(4)).


     When used for these purposes, a host is considered a  member

     of  a  netgroup if the netgroup contains any triple in which

     the hostname field matches the name of the  host  requesting
     access  and  the  domainname field matches the domain of the
     host controlling access.



     Similarly, a user is considered a member of  a  netgroup  if

     the netgroup contains any triple in which the username field

     matches the name of  the  user  requesting  access  and  the
     domainname  field matches the domain of the host controlling
     access.



     Note that when netgroups  are  used  to  control  NFS  mount

     access,  access  is  granted  depending  only on whether the

     requesting host is a member of the  netgroup.  Remote  login

     and shell access can be controlled both on the basis of host

     and user membership in separate netgroups.


FILES

     /etc/netgroup    Used by  a  network  information  service's

                      utility  to  construct  a map or table that

                      contains netgroup information. For example,





SunOS 5.11          Last change: 10 Dec 2009                    2








File Formats                                          netgroup(4)





                      ldapaddent(1M)  uses  /etc/netgroup to con-

                      struct an LDAP container.




     Note that the netgroup information must always be stored  in

     a  network  information  service,  such  as LDAP or NIS. The
     local file is only used to construct a map or table for  the
     network information service. It is never consulted directly.


SEE ALSO

     ldapaddent(1M),  makedbm(1M),  share_nfs(1M),   innetgr(3C),

     hosts(4),  hosts.equiv(4), nsswitch.conf(4), passwd(4), sha-

     dow(4)

NOTES

     netgroup requires a network information service such as LDAP

     or NIS.


     Applications may make general  membership  tests  using  the
     innetgr() function. See innetgr(3C).



     Because the "-" character will not match any specific  user-

     name  or hostname, it is commonly used as a placeholder that

     will match only wildcarded membership queries. So, for exam-

     ple:


       onlyhosts (host1,-,our.domain) (host2,-,our.domain)

       onlyusers (-,john,our.domain) (-,linda,our.domain)






     effectively define netgroups containing only hosts and  only

     users, respectively. Any other string that is guaranteed not
     to be a legal username or hostname  will  also  suffice  for
     this purpose.


     Use of placeholders will improve search performance.


     When a machine with multiple interfaces and  multiple  names

     is  defined  as a member of a netgroup, one must list all of

     the names. See hosts(4). A manageable way to do this  is  to

     define  a  netgroup containing all of the machine names. For

     example, for a  host  "gateway"  that  has  names  "gateway-

     subnet1" and "gateway-subnet2" one may define the netgroup:



       gateway (gateway-subnet1,,our.domain) (gateway-subnet2,,our.domain)





SunOS 5.11          Last change: 10 Dec 2009                    3








File Formats                                          netgroup(4)





     and use this netgroup "gateway" whenever the host is  to  be

     included in another netgroup.























































SunOS 5.11          Last change: 10 Dec 2009                    4



Contact us      |      About us      |      Term of use      |       Copyright © 2000-2019 MyWebUniversity.com ™